NCSC Features
Matthew Halvorsen, Strategic Program Director for NCSC’s Supply Chain and Cyber Directorate, recently sat down with Gregory Garcia, the Executive Director for Cybersecurity of the Health Sector Coordinating Council, for an audio interview on current threats to the health care sector. The discussion focused on cyber and supply chain threats, including ransomware, nation-state targeting of COVID-19 research, and other current topics.
This episode is the first in a series of interviews with experts and practitioners from government, industry, research and academia to spotlight threats to key U.S. supply chains and highlight mitigation.
- Check out NCSC’s first podcast interview, click here
- For a transcript of the interview, click here
Guest Speaker
Greg Garcia is the Executive Director for Cybersecurity of the Health Sector Coordinating Council, the convening organization for critical healthcare infrastructure organizations working in partnership with HHS and other government agencies to protect the security and resilience of the sector, patient safety and public health.
Greg was the nation's first DHS Assistant Secretary for Cybersecurity and Communications under President George W. Bush, 2006-09, where among other achievements he initiated the creation of the National Cyber and Communications Integration Center (NCCIC). He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held executive positions with Bank of America, 3Com Corporation, and the Information Technology Association of America.
Greg also served as professional staff on the Committee on Science in the U.S. House of Representatives, where he helped draft and shepherd enactment of the Cyber Security Research and Development Act of 2002.
The Executive Director of the National Counterintelligence and Security Center has issued her letter of endorsement for the fifth annual National Insider Threat Awareness Month in September 2023. Please join us during September to emphasize the importance of safeguarding our nation by detecting, deterring, and mitigating insider threats. If you would like to increase awareness in your workforce, visit the National Insider Threat Awareness Month website to learn more about the serious risks posed by insider threats and how to recognize and report anomalous/threatening activities to enable early intervention. The web page of the National Insider Threat Task Force also has resources available.
Do you want to connect? Understand that foreign intelligence entities and criminals routinely use deception on social media platforms to try and connect with people who have access to information they want. Before you link online with someone you don’t know, think about the risks it may pose to yourself, your family, your organization and even national security.
The “Nevernight Connection”
The FBI and the National Counterintelligence and Security Center (NCSC) have released a new movie, “The Nevernight Connection,” to raise awareness of how hostile actors use fake profiles and other forms of deception on social media to target individuals in government, business and academic communities for recruitment and information gathering.
Inspired by true events, the 30-minute video details the fictional account of a former U.S. Intelligence Community official targeted by a foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.
The Threat
On professional networking sites and other social media platforms, hostile actors routinely pose as headhunters, interested employers or people with enticing career opportunities in order to connect and develop relationships with people who have access to valuable information.
Over time, they attempt to elicit information from their targets, including about their work and contacts. In some cases, promising targets are offered all-expense-paid trips overseas for meetings or presentations, where they are pressured to turn over more information. Some foreign intelligence services are doing this on a mass scale, targeting thousands of people globally via social media.
While current and former government employees are at risk from these schemes, individuals in the private sector and academic and research communities are also being targeted this way by hostile actors seeking to acquire trade secrets, proprietary data and information about cutting-edge research and technology.
Mitigation
At a minimum, the NCSC and FBI encourage the public to practice basic cyber hygiene when receiving an invitation to connect via social media.
- Never accept an invitation to connect from someone you do not know, even if they are a friend of a friend
- If possible, validate invitation requests through other means before accepting them
- Exercise caution when posting information about yourself, your job and contacts on social media, as it could draw unwanted attention from adversaries and criminals
- Report suspicious online approaches to appropriate authorities
Additional Resources
U.K. Centre for the Protection of National Infrastructure (CPNI)
- “Think Before You Link” — These CPNI materials provide advice on how to recognize malicious online profiles, realize the threat they pose, respond appropriately and minimize the risk of being targeted in the first place
- “Glitch” — This CPNI video identifies how hostile actors use professional networking sites to build relationships with targets and attempt to access sensitive information
National Counterintelligence and Security Center (NCSC)
- “Know the Risk: Raise Your Shield” — Video on social media deception
- “Don’t Be This Guy” — Additional video on social media deception
- “Social Media Deception” — Additional video on social media deception
- NCSC Social Media Deception poster and infographic
- NCSC Social Engineering poster and infographic
"Safeguarding Our Future" bulletins provide a brief overview of a specific foreign intelligence threat as well as impacts of that threat and steps for mitigation. Contact This email address is being protected from spambots. You need JavaScript enabled to view it. to request to be added to NCSC’s dissemination list for these and other NCSC materials.
2025
- Safeguarding Western Tech Startups (09/04/2025)
- Safeguarding Academia (08/25/2025)
- Online Targeting of Current & Former U.S. Government Employees (04/08/2025)
2024
- Safeguarding the U.S. Defense Industrial Base and Private Industry Against Sabotage (11/21/2024)
- Safeguarding Our Critical Infrastructure (11/19/2024)
- Safeguarding Our Innovation (07/24/2024)
- Safeguarding Our Military Expertise (06/05/2024)
2023
- Safeguarding the Public from the Russian Intelligence Threat (10/12/2023)
- Enterprise Risk Management Blueprint for Non-Intelligence Agencies (10/11/2023)
- Safeguarding the U.S. Space Industry (08/18/2023)
- U.S. Business Risk: PRC Laws Expand Beijing’s Oversight of Foreign & Domestic Companies (06/30/2023)
- Don’t Be a Pawn of Repressive Foreign Governments (03/28/2023)
2022
Below are links to the press release and the National Counterintelligence Strategy
NCSC’s “Wall of Spies Experience” provides more than 200 stories of espionage and sabotage from our country’s founding to contemporary times.
